<?php
$pageTitle = "个人中心";
$currentPage = "center";
include('./headers.php');
include('./db/conn.php');

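// Require a logged-in user.
// NOTE(review): identity comes from the client-controlled user_id cookie, so a visitor who
// edits that cookie is treated as the corresponding account. Confirm how login.php issues it;
// moving the id into a server-side session would need a matching change there.
// A non-string value (e.g. a user_id[] cookie) is treated as "not logged in".
if (!isset($_COOKIE['user_id']) || !is_string($_COOKIE['user_id'])) {
    header("Location: login.php");
    exit();
}

// Load the user's record.
$user_id = $_COOKIE['user_id'];
// The cookie value is untrusted input: bind it as a parameter instead of building the SQL
// string from it.
$stmt = $conn->prepare("SELECT * FROM user WHERE user_id = ?");
$result = false;
if ($stmt && $stmt->bind_param('s', $user_id) && $stmt->execute()) {
    // get_result() needs the mysqlnd driver; assumed available here, confirm for this deployment.
    $result = $stmt->get_result();
}

if (!$result || $result->num_rows != 1) {
    echo "用户信息获取失败，请稍后重试。";
    exit();
}

$user = $result->fetch_assoc();
// From here on use the id exactly as stored in the database, not the raw cookie text, so
// later statements that reference $user_id never see attacker-shaped input.
$user_id = (string) $user['user_id'];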

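// Handle the "update profile" form submission.
// NOTE(review): no CSRF token is checked here and the form below does not send one; confirm
// whether headers.php provides that protection.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['update_profile'])) {
    // The form tells the user "leave blank to keep the current value", so an empty or
    // non-string field falls back to the stored value instead of overwriting it with ''.
    $fields = [];
    foreach (['username', 'email', 'phone', 'sex', 'age'] as $field) {
        $posted = isset($_POST[$field]) ? $_POST[$field] : '';
        $fields[$field] = (is_string($posted) && $posted !== '') ? $posted : $user[$field];
    }
    $username = $fields['username'];
    $email = $fields['email'];
    $phone = $fields['phone'];
    $sex = $fields['sex'];
    $age = $fields['age'];

    // Handle the uploaded avatar.
    if (isset($_FILES['src']['name']) && is_string($_FILES['src']['name']) && $_FILES['src']['name'] !== '') {
        // Never reuse the client-supplied file name: it decides the extension, and a script
        // extension under a web-served directory would be executable. Accept only content that
        // parses as an image and pick the extension from the detected type.
        // The uploads/ directory should additionally be configured not to execute scripts.
        $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
        $info = ($_FILES['src']['error'] === UPLOAD_ERR_OK)
            ? getimagesize($_FILES['src']['tmp_name'])
            : false;

        if ($info !== false && isset($allowed[$info['mime']])) {
            // A random server-chosen name also prevents one user overwriting another's file.
            $src = 'uploads/' . bin2hex(random_bytes(16)) . '.' . $allowed[$info['mime']];
            if (move_uploaded_file($_FILES['src']['tmp_name'], $src)) {
                $stmt = $conn->prepare("UPDATE user SET src = ? WHERE user_id = ?");
                if ($stmt && $stmt->bind_param('ss', $src, $user_id) && $stmt->execute()) {
                    $user['src'] = $src;
                    echo "头像更新成功！";
                } else {
                    echo "头像更新失败，请稍后重试。";
                }
            } else {
                echo "头像上传失败。";
            }
        } else {
            // Failed upload, or the content is not one of the accepted image types.
            echo "头像上传失败。";
        }
    }

    // Update the profile fields. All values are bound as parameters; none of the posted
    // text is ever concatenated into the SQL statement.
    $stmt = $conn->prepare(
        "UPDATE user SET username = ?, email = ?, phone = ?, sex = ?, age = ? WHERE user_id = ?"
    );
    if ($stmt && $stmt->bind_param('ssssss', $username, $email, $phone, $sex, $age, $user_id) && $stmt->execute()) {
        echo "个人信息更新成功！";
        $user['username'] = $username;
        $user['email'] = $email;
        $user['phone'] = $phone;
        $user['sex'] = $sex;
        $user['age'] = $age;
    } else {
        echo "个人信息更新失败，请稍后重试。";
    }
}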

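// Handle the "change password" form submission.
// The original compared an undefined $password against the stored value and wrote an
// undefined $new_password_hashed, so a "successful" change stored an empty password.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['change_password'])) {
    // Missing or non-string fields are treated as empty input.
    $old_password = (isset($_POST['old_password']) && is_string($_POST['old_password'])) ? $_POST['old_password'] : '';
    $new_password = (isset($_POST['new_password']) && is_string($_POST['new_password'])) ? $_POST['new_password'] : '';
    $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password'])) ? $_POST['confirm_password'] : '';

    // Strict comparison: with != two different numeric-looking strings ("1e3" / "1000")
    // would be treated as equal.
    if ($new_password !== $confirm_password) {
        echo "新密码和确认密码不一致，请重新输入。";
    } elseif ($new_password === '') {
        // The HTML "required" attribute is only a client-side hint.
        echo "新密码不能为空。";
    } else {
        // Verify the old password.
        // NOTE(review): login.php is not visible from here. If existing rows hold plaintext
        // passwords they are still accepted below, but new values are stored hashed, so the
        // login check must use password_verify() as well. Confirm before deploying.
        $stored = (string) $user['password'];
        if (password_get_info($stored)['algoName'] !== 'unknown') {
            $old_ok = password_verify($old_password, $stored);
        } else {
            // Legacy plaintext value: constant-time comparison.
            $old_ok = hash_equals($stored, $old_password);
        }

        if ($old_ok) {
            // Store a salted hash, never the password itself. The password column must be
            // wide enough for the hash (255 characters is the usual recommendation).
            $new_password_hashed = password_hash($new_password, PASSWORD_DEFAULT);
            $stmt = $conn->prepare("UPDATE user SET password = ? WHERE user_id = ?");
            if ($stmt && $stmt->bind_param('ss', $new_password_hashed, $user_id) && $stmt->execute()) {
                echo "密码修改成功！";
            } else {
                echo "密码修改失败，请稍后重试。";
            }
        } else {
            echo "旧密码错误，请重新输入。";
        }
    }
}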
?>

<!DOCTYPE html>
<html lang="zh-CN">

<head>
    <title>个人中心</title>
    <link rel="stylesheet" href="https://cdn.staticfile.net/twitter-bootstrap/5.1.1/css/bootstrap.min.css">
</head>

<body>
    <div class="container">
        <h2>个人中心</h2>
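        <div class="text-center">
            <?php // Profile values are user-supplied and stored as-is, so HTML-escape each one on output (stored XSS otherwise). ?>
            <img class="src" src="<?php echo htmlspecialchars((string) $user['src'], ENT_QUOTES, 'UTF-8'); ?>" alt="头像" width="100" height="100">
            <h3><?php echo htmlspecialchars((string) $user['username'], ENT_QUOTES, 'UTF-8'); ?></h3>
            <p>账号: <?php echo htmlspecialchars((string) $user['email'], ENT_QUOTES, 'UTF-8'); ?></p>
            <p>电话: <?php echo htmlspecialchars((string) $user['phone'], ENT_QUOTES, 'UTF-8'); ?></p>
            <p>性别: <?php echo htmlspecialchars((string) $user['sex'], ENT_QUOTES, 'UTF-8'); ?></p>
            <p>年龄: <?php echo htmlspecialchars((string) $user['age'], ENT_QUOTES, 'UTF-8'); ?></p>
        </div>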

        <h4>修改个人信息</h4>
        <form method="post" action="" enctype="multipart/form-data">
            <input type="hidden" name="update_profile" value="1">
            <div class="form-group">
                <label for="username">用户名:</label>
                <input type="text" class="form-control" id="username" name="username" placeholder="留空则不修改">
            </div>
            <div class="form-group">
                <label for="email">邮箱:</label>
                <input type="email" class="form-control" id="email" name="email" placeholder="留空则不修改">
            </div>
            <div class="form-group">
                <label for="phone">电话:</label>
                <input type="text" class="form-control" id="phone" name="phone" placeholder="留空则不修改">
            </div>
            <div class="form-group">
                <label for="sex">性别:</label>
                <select class="form-control" id="sex" name="sex">
                    <option value="">留空则不修改</option>
                    <option value="男">男</option>
                    <option value="女">女</option>
                </select>
            </div>
            <div class="form-group">
                <label for="age">年龄:</label>
                <input type="number" class="form-control" id="age" name="age" placeholder="留空则不修改">
            </div>
            <div class="form-group">
                <label for="src">头像:</label>
                <input type="file" class="form-control" id="src" name="src">
            </div>
            <button type="submit" class="btn btn-primary mt-3">更新信息</button>
        </form>

        <h4 class="mt-5">修改密码</h4>
        <form method="post" action="">
            <input type="hidden" name="change_password" value="1">
            <div class="form-group">
                <label for="old_password">旧密码:</label>
                <input type="password" class="form-control" id="old_password" name="old_password" required>
            </div>
            <div class="form-group">
                <label for="new_password">新密码:</label>
                <input type="password" class="form-control" id="new_password" name="new_password" required>
            </div>
            <div class="form-group">
                <label for="confirm_password">确认新密码:</label>
                <input type="password" class="form-control" id="confirm_password" name="confirm_password" required>
            </div>
            <button type="submit" class="btn btn-primary mt-3">修改密码</button>
        </form>

        <p><a href="logout.php" class="btn btn-danger mt-3">退出登录</a></p>
    </div>
</body>

</html>
